Head of Information Security
Unifonic
Total des années d'expérience :23 years, 9 Mois
Establishing a Cybersecurity program and framework following NIST and CIS controls
•Building a team of GRC consultants and technical security engineers.
•Establishing and managing a cyber risk framework in line with regulatory requirements, across GCC countries.
•Liaise and work closely with compliance, internal audit, and enterprise risk teams
•Monitor and report to the board and cybersecurity committee on the security program and KRI's
•Overseeing the DevSecOps and Engineering security requirements to ensure security by design
•Recertified the company in ISO27001
Head of Cyber Security for the Monument Group, driving governance following industry best practices and enhancing security controls
•Devised a Cyber Security strategy from the ground up and built an Infosec team
•Implemented a Security Operations Centre (SOC) to monitor all security events across the group
•Managed cyber risk following the NIST framework and CIS top 20 controls
•Responding to internal audits and regulators such as the BMA, CBI and EIOPA
•Managed the Information Classification and DLP project, using Microsoft Information Protection(purview)
•Managed a continuous vulnerability management and patching program
(Contract)
•Working in Fraud & Security on the AO2 program, responsible for ensuring designs meet the relevant security controls.
•Managing cyber security governance and enforcement of security policy for Telefonica's flagship project
•Advising on the logging and monitoring requirements for the SOC to ensure they meet the above governance but also execute the correct use cases to stop cyber-attacks and reduce false positives
•Establishing Security KPIs for a major program for internal and external suppliers
(Contract)
•Working on-site for a global banking client
•Consulting on Governance for a major security program
•Responding to Central bank audits and developing remediation plans
•Providing technical expertise in the development of the SIEM\SOC
•Covering for the head of IT security to manage the SOC during red team exercises
•Improving the existing Security Operations procedures and Incident response
•Producing DLP training and Information Classification and Labelling review
•Providing technical expertise for Vulnerability Management, Penetration Testing, CIS Standards
Based on site at TESCO Global as an Endpoint security manager
•Managing a team of permanent, contractor staf and managed service providers
•Responsible for security for 200, 000 endpoints
•Working with multiple AV vendors and DLP products to enhance security for clients
•Developing the incident response plan and management procedures
Reporting to the Managing Director on Information Security Consultancy and Training
•Teaching ethical hacking and advanced intrusion techniques to international banking clients
•Management consultancy across the information security domains
•Creating a Cyber Security training program and academy
Delivering end to end projects within timescale and budget
•Managed major Networking, Infrastructure and Security projects.
•Delivered a high-speed trading platform in the Tokyo Stock Exchange for Citibank
Working for a Corporate Intelligence company heading up the Cyber Division
•Reporting directly to the CEO on all Cyber Security matters
•Developing a holistic Cyber Security Platform including dark web intelligence
•Managing teams to perform Vulnerability Scanning & Penetration testing for large Corporate clients
•Providing support post cyber security incident, loss of data, ransomware attacks
Working for a global provider of food, agriculture and risk management with 142, 000 employees in 65 diferent countries
•Directly reporting to the European supervisor, managing technical projects across EMEA
•Responsible for ICT Infrastructure, WIFI and Security projects, across Europe, with a clear understanding of the technical requirements
•
Working for a global Investment Bank within the eDiscovery team.
•Directly reporting to the European supervisor & Global incident Manager
•Senior Stakeholder and Vendor management and close relationships with internal teams
•Managing confidential data on custodians with the highest level of compliance & Security
Working for a global provider of food, agriculture and risk management with 142, 000 employees in 65 diferent countries
•Directly reporting to the European supervisor, managing technical projects across EMEA
•Responsible for ICT LAN\WAN\IPT\Wireless and Security projects, across Europe
•Engaging, presenting and seeking approval from C-Level board members for Changes to the current security environment